Abney and Associates Online Warning and Fraud Prevention: Newsvine

A spear phishing campaign targeting 11 companies in the energy sector occurred in October, according to the Industrial Control Systems Cyber ​​Emergency Response Team (ICS-CERT).

After a power company has posted on its website the names, addresses, corporate email, and titles of employees in the industry who attended a recent meeting of the Committee, the attackers were able to use the information to craft their messages, ICS-CERT said in its latest newsletter (PDF).

The malicious e-mails asked recipients to click on a link attached that would direct access to the new email address of the sender. Instead, the link takes users to a website that served as malware. Another e-mail with a malicious attachment is supposed to be associated with the campaign, according to the bulletin.

The campaign failed, leading to "no known infections or intrusions," the report said.

A spear phishing campaign targeting 11 companies in the energy sector occurred in October, according to the Industrial Control Systems Cyber ​​Emergency Response Team (ICS-CERT).

After a power company has posted on its website the names, addresses, corporate email, and titles of employees in the industry who attended a recent meeting of the Committee, the attackers were able to use the information to craft their messages, ICS-CERT said in its latest newsletter (PDF).

The malicious e-mails asked recipients to click on a link attached that would direct access to the new email address of the sender. Instead, the link takes users to a website that served as malware. Another e-mail with a malicious attachment is supposed to be associated with the campaign, according to the bulletin.